Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11There is a new zero-day vulnerability in Windows
The vulnerability posted on Twitter and on GitHub also has a PoC that demonstrates one of the ways this error exploits the machine, making it impossible to boot.
SandboxEscaper, an August researcher who posted a Windows escalation error, recently discovered an unpatched Windows vulnerability on his Twitter.
The new error also has some similarities to the previous error.Windows services are often run with privileges and sometimes they perform some action on behalf of the user with a feature called impersonation.These services act as if they are using a user's privilege.Then they return to their original identities.
Both this error and the previous error that SandboxEscaper detected are based on using an improper impersonation feature, specifically the service (last time Task Scheduler, Data Sharing Service this time) to transfer the identity quickly and effectively. currently acts with advanced rights.
The latest error allows a file to overwrite another file, causing the impersonated file to be deleted, making it impossible for users who have no permissions to delete any files on the system, even those data they should not have access to.
New vulnerabilities only affect Windows 10, Server 2016 and Server 2019
The point of time with this error is very important, two actions must be done simultaneously to be successful.SandboxEscaper says that, therefore, deploying on a single-core machine may seem difficult, but with multiple-core machines it is very vulnerable to attack.The PoC of SandboxEscaper posted on GitHub will prove by deleting the Windows PCI driver.Users should not try it at an important machine because when this file is deleted, the machine cannot boot.
Data Sharing Service is only available on Windows 10, so this error will only affect Windows 10, Windows Server 2016 and Windows Server 2019. The error was previously used on malware.New errors are harder to exploit and the ability to delete files is also not useful by overwriting the file.
See more:
- The new zero-day vulnerability on Windows 10 helps hackers take control of the computer
- Security vulnerabilities - basic insights
- Good hackers find and patch the vulnerability for more than 100,000 other routers
Isabella HumphreyYou should read it
- Microsoft expert discovered a series of serious code execution errors in IoT, OT devices
- Security vulnerabilities - basic insights
- New dangerous vulnerability in Intel CPU: Works like Specter and Meltdown, threatening all PCs and the cloud
- Immediately fix critical vulnerabilities in Windows NTLM security protocol
- IBM developed a new technology to patch security holes
- Find security holes on every site with Nikto
- How to check if the computer has serious Windows 10 vulnerabilities
- Microsoft rewards $ 250,000 for any talent that discovers the new Meltdown and Specter vulnerabilities
May be interested
- Serious warning about Windows WMF vulnerability
symantec announced an alert 3 for windows' unpatched wmf security vulnerability. this is the second time in the last 18 months an alarm has appeared. because the official patch will not be available before january 10, 2006, for n & ecir - Detect a rare vulnerability that causes problems with the printer on Windows 10microsoft has just confirmed the existence of a rare vulnerability in windows 10, which can cause problems with the printer if they are connected to a pc via usb.
- Google Project Zero reveals a serious privilege escalation vulnerability in Windowsgoogle project zero is one of the highly regarded professional security organizations today. the team's findings are not only important to the google product itself, but also for other software products and services of other developers.
- Microsoft warns of RCE vulnerability in Windows diagnostic toolif you've ever contacted microsoft support to get windows or windows server issues resolved, you've probably been guided through the microsoft support diagnostic tool (msdt). ).
- Windows 10 vulnerability from Cortana helps hackers open unauthorized malicious websites and how to fix themby default, cortana will always listen to users' requests, even if the lock screen on windows 10, this is the hole that gives hackers the opportunity to manipulate the device and install malicious code. in computer.
- 12-year vulnerability in pkexec gives hackers root privileges on Linuxresearchers have just issued a warning about a vulnerability in polkit's pkexec component that is assigned the code cve-2021-4034 (and is known as pwnkit).
- Detected a serious zero-day vulnerability in Microsoft Office, click the document file and it will stickthe newly discovered vulnerability is called follina and currently there is no official patch from microsoft.
- New Vulnerability in Windows 10 Allows Admin Hijackingwindows 10 and windows 11 were vulnerable to a local escalation of privilege (eop) vulnerability after it was discovered that low-privileged users could access sensitive registry database files.
- Windows Hello vulnerability allows hackers to log in with fake facial photoshowever, recently, at the black hat security conference in las vegas, two researchers tillmann osswald and dr. baptiste david (from germany) revealed how the enterprise version of windows hello can be cracked, raising an extremely serious security issue.
- Fix for OpenVPN driver vulnerabilities that cause Windows systems to crashare you seeing the openvpn blue screen of death error in your vpn app? this error stems from an openvpn driver vulnerability and requires a patch from the source.
Attack the network
- If you do division by 0 on a computer, what will happen?
- China has at least 10 PoP presence points to hijack the network architecture
- iPhone X, iPhone 8 may slow down after upgrading to iOS 12.1
- Many encrypted SSDs can be decoded without a password
- Quora's question and answer page was attacked, causing 100 million users to leak personal information
- Warning: New extortion code GandCrab is attacking Vietnamese Internet users
If you do division by 0 on a computer, what will happen?
China has at least 10 PoP presence points to hijack the network architecture
iPhone X, iPhone 8 may slow down after upgrading to iOS 12.1
Many encrypted SSDs can be decoded without a password
Quora's question and answer page was attacked, causing 100 million users to leak personal information
Warning: New extortion code GandCrab is attacking Vietnamese Internet users